Cisco PIX 515 upgrade failing

I'm trying to update a cisco pix 515.  I TFTP the pixXXX.bin file and it doesn't ask me to load to flash.  I get a compressed image : decoding error = 1.

I have to load it from monitor mode because the first time I tried to load the bin file it failed and now it won't load anything.

This is what I get after loading image.

Cisco Security Appliance admin loader (3.0) #0: Tue Nov  6 18:34:28 MST 2007
sumval(0x8390) chksum(0x0   )md5(0xe2334b81 0xcec51c4b 0x2b3cc798 0xd20fa029)
md5(0xc36b8164 0x9cfab366 0x0589dab6 0x1ce10d34)
Checksum verification on install image failed.



Rebooting....

Cisco Secure PIX Firewall BIOS (4.0) #0: Thu Mar  2 22:59:20 PST 2000
Platform PIX-515
Flash=i28F640J5 @ 0x300
IntekTechAsked:
Who is Participating?
 
Ernie BeekConnect With a Mentor ExpertCommented:
That might be the wisest thing to do in this case. The 515 indeed is end of sale, life, support, etc.
0
 
IntekTechAuthor Commented:
PLEASE HELP!!!!!

The firewall is not working.

Thanks
0
 
Ernie BeekExpertCommented:
Looks like that image is corrupt. Could you try downloading it again from Cisco?
0
Become a Leader in Data Analytics

Gain the power to turn raw data into better business decisions and outcomes in your industry. Transform your career future by earning your MS in Data Analytics. WGU’s MSDA program curriculum features IT certifications from Oracle and SAS.  

 
IntekTechAuthor Commented:
I downloaded multiple copies.  Still does the same thing.  I'll try again now.
0
 
IntekTechAuthor Commented:
This is what I got after the TFTP.

Received 7630848 bytes

Cisco Security Appliance admin loader (3.0) #0: Wed Mar 18 16:07:32 MDT 2009
sumval(0x8573) chksum(0x0   )md5(0x3053d49b 0x9445f51c 0x83fe466b 0xb3e7d7a7)
md5(0xb2589d2d 0x0a690408 0x244b3e7d 0x018693d5)
Checksum verification on install image failed.
0
 
fgasimzadeCommented:
Search for "failed" keyword on the link above, you will find some info regarding you error
0
 
Ernie BeekExpertCommented:
So how are you trying to tftp it over?
0
 
IntekTechAuthor Commented:
I tftp from monitor mode
0
 
Ernie BeekExpertCommented:
What commands did you use?
Did you try another image (version)?
Did you try another tftp server?
Did you check the ( memory) requirements for the new image?
0
 
IntekTechAuthor Commented:
I can only use the monitor mode commands:
interface, address, server, gateway, file, and tftp

I tried multiple images with the same TFTP Server.
I'm running 256MB RAM on the PIX 515

What TFTP Server would you recommend using?
0
 
InteraXCommented:
Have you checked the md5 checksum of the image you have with the one published on cisco's download site?
0
 
Ernie BeekExpertCommented:
I normally use the one from solarwinds: http://www.solarwinds.com/products/freetools/free_tftp_server.aspx

Or I use the one included in kiwi cattools: http://www.kiwisyslog.com/kiwi-cattools-overview/
0
 
IntekTechAuthor Commented:
Do I have to match the checksum with my pix's?
0
 
Ernie BeekExpertCommented:
You have to check the md5 checksum of the downloaded binary (using a tool like: http://www.softpedia.com/get/System/File-Management/MD5-Check.shtml) against the value on the cisco download area for that binary.
0
 
IntekTechAuthor Commented:
checksum was good on downloaded file.  This is what I get when trying to load it on the PIX.

Received 1658880 bytes

Cisco Secure PIX Firewall admin loader (3.0) #0: Fri Jun  7 17:35:02 PDT 2002
Flash=i28F640J5 @ 0x300
BIOS Flash=AT29C257 @ 0xd8000
imgsum_config: sumval(0xb8d2) md5(0x02e2b648 0xde86edf0 0x6215ea96 0x66ed027c)
imgsum_verify: chksum(0x0   ) md5(0x513bb0f7 0x09df2683 0xd31c7b6f 0x1ff80e82)
Checksum verification on flash image failed.
imgsum_config: sumval(0xd624) md5(0x02e2b648 0xde86edf0 0x6215ea96 0x66ed027c)
imgsum_verify: chksum(0x0   ) md5(0x0221c84f 0x5304713d 0xc3e80f0a 0xe80412b7)
Checksum verification on install image failed.
0
 
Ernie BeekExpertCommented:
Ok, already tried another tftp server?
0
 
IntekTechAuthor Commented:
Yeah.  downloaded the solarwinds.  Same thing.

seemed yesterday I loaded pix635.bin and this is what I got below.  When I put the license information in it goes to flash and then loads the run config.  When I do a reload it doesn't load it back.

Cisco Secure PIX Firewall admin loader (3.0) #0: Thu Aug  4 21:23:30 PDT 2005
Flash=i28F640J5 @ 0x300
BIOS Flash=AT29C257 @ 0xd8000
imgsum_config: sumval(0xb8d2) md5(0x02e2b648 0xde86edf0 0x6215ea96 0x66ed027c)
imgsum_verify: chksum(0x0   ) md5(0x513bb0f7 0x09df2683 0xd31c7b6f 0x1ff80e82)
Checksum verification on flash image failed.
Serial Number: 480281048 (0x1ca081d8)

Enter Activation Key
    Part 1 of 4:
0
 
IntekTechAuthor Commented:
ok.  I just got it loaded to pix6.2(2).

I'm afraid to reload it or try an upgrade again.  What should I do?
0
 
Ernie BeekExpertCommented:
First check if there is a line like ' boot system flash ......' in your config, pointin to the correct image. If there is, first try a reboot. You have to going to try that sometime, might as well do it now.
0
 
IntekTechAuthor Commented:
I didn't find "boot system flash...." in the config.  I reloaded the pix and all gone again.

tftp pix622.bin again.

Cisco Secure PIX Firewall admin loader (3.0) #0: Fri Jun  7 17:35:02 PDT 2002
Flash=i28F640J5 @ 0x300
BIOS Flash=AT29C257 @ 0xd8000
imgsum_config: sumval(0xb8d2) md5(0x02e2b648 0xde86edf0 0x6215ea96 0x66ed027c)
imgsum_verify: chksum(0x0   ) md5(0x899ff396 0xb4b84285 0x0b008f98 0x63be9a21)
Checksum verification on flash image failed.

I really need to get this resolved.  I would love to get the latest on there.
0
 
Ernie BeekExpertCommented:
Well, as I said: if there is, try a reboot.

So you're in rommon again. If you do a dir or show flash, what does it show?
0
 
IntekTechAuthor Commented:

pix515fw# sh flash
flash file system:  version:2  magic:0x12345679
  file 0: origin:       0 length:1540152
  file 1: origin: 7602176 length:2337
  file 2: origin:       0 length:0
  file 3: origin:       0 length:0
  file 4: origin: 8257536 length:280
0
 
Ernie BeekExpertCommented:
?
That prompt doesn't look like a rommon prompt.
So are you in rommon or just normal mode?
0
 
IntekTechAuthor Commented:
I'm in normal, but if I reload I will lose it.
0
 
Ernie BeekExpertCommented:
Ok, is that an exact screenshot of the sh flash?
Not looking good. That might indicate that your flash is corrupt.
Let me try to remember if that can be tested.
0
 
IntekTechAuthor Commented:
Yes, exact screenshot.  Let me know.
0
 
Ernie BeekExpertCommented:
Try to do a 'clear flashfs', then reload, go to rommon and try to load the image again. See if it then wil commit to flash.
0
 
IntekTechConnect With a Mentor Author Commented:
still no luck.  I think it might be hardware problem. Might be flash corruption.
0
 
Ernie BeekExpertCommented:
I am afraid it's starting to look like it :-~
Any change you still have a smartnet for the device?
0
 
IntekTechAuthor Commented:
no smartnet.  Not offered for the pix 515.  End of life apparently.  Tried to buy one a few months ago, but no luck.  Oh well.  Guess it's time for an ASA for the client.
0
 
IntekTechConnect With a Mentor Author Commented:
Ordered an ASA5505 for replacement.  Thanks for the help.
0
 
IntekTechAuthor Commented:
Thanks for the help erniebeek.  Through a little research online found that it might be flash corruption.
0
 
Ernie BeekExpertCommented:
You're welcome. Glad I could help you part of the way.
Thx for the points :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.